Menu

Managing Projects: Risks and Issues (Part 1)

Managing Projects: Risks and Issues is a 5 part series providing practical advice and a brand new ‘CARE’ model to third sector project managers.

Part 1: Identifying project risks

From my conversations with other Project Managers in the third sector only a small number of them currently use a defined risk management strategy and there was a real appetite to learn more, so over the coming weeks, I will be writing a series of articles on PM3 – Project Management for the Third Sector’s approach to risk management. Risks are inherent in all projects and risk management is central to the role of a Project Manager.

Our ‘CARE’ model advises that projects should take the following approach to risks:

The series of articles will look at each element in our ‘CARE’ model in turn, and culminate in guidelines for creating a risk management strategy.

Capturing Project Risks

There are many ways in which you might capture project risks but most Project Managers would benefit from having a formal risk register for their project. A formal risk register enables you to record the details you need to assess, rate and monitor your risks and is widely used by professional Project Managers in most sectors. You can find lots of templates and online tools with a quick google search and you can tailor them to suit your project.

When you think about your risks how many relate to ‘delivery’ risks, i.e. risks that arise from your services and your client group/s? In the third sector, many of our projects involve the individuals and communities we serve. Because of this our risk management is often focussed on things like health and safety and safeguarding. But it’s important to remember these are not the only risks our projects face.

There are many different types or categories of risk and these will depend upon your project but as a guide here are some examples below:

Target/Outcome risks (such as failing to meet with contractual targets). It’s useful to identify early on what your ‘inputs’ will be, and be clear on the difference between your ‘outputs’ and your ‘outcomes’ and what exactly you are expected to report on.

Scheduling risks (such as failing to meet activity deadlines, dependencies not being identified so one activity delays another or is scheduled to take place prior to an activity that feeds into it, or scheduling errors – for example if a project has an activity that takes 6 weeks to complete but is scheduled to start 4 weeks prior to the project end date – believe me it happens!)

Scope creep and changing the ask (how many of us have worked on projects where the goalposts keep being moved by the funder?)

Fit for purpose risks. Will the product or service you are delivering be ‘fit for purpose’? Does it solve the problem you are trying to address? What risks impact upon this?

External dependencies. There is a very real risk that external suppliers (this means external to the project, not necessarily the organisation) will not play their part. They may deliver something that doesn’t meet with requirements, or it may not be on time, or it may not be done at all. This is often the most frustrating element of the risk management process.

There are many ways of identifying risks and there are tools that can help you to do this. Here are just a few ideas:

Review your ‘lessons learned’ log. Lessons learned logs are an easy way to centrally record and share the learning gained from delivering projects. I know that not all organisations have one of these but it is a very simple way to increase the likelihood of positive outcomes and reduce the recurrence of undesirable outcomes across all projects within an organisation.

Do a ‘PESTLE’ analysis. This help you to identify risks outside of your project, that may impact upon it. For example, the results of ‘Brexit’ are likely to have a significant impact upon projects funded by the European Social Fund. The Charity Commission for England and Wales published the new Charities Act fundraising rules, which came into force on 1 November 2016. This legal change may impact upon your project. It’s a useful tool for identifying these factors and identifying any risks or opportunities that arise from them. PESTLE stands for:

P – Political

E – Economic

S – Social

T – Technological

L – Legal

E – Environmental

Ask people! Involve the project team in brainstorming sessions. There are lots of online risk identification prompt tools, which can help you to go through risks by type. Get a facilitator to help your team to identify risks. Interview stakeholders.

Whilst you review your risk register regularly to update ratings (more about this in our next article on assessing project risks), and people can raise risks at any time throughout the project it’s useful to do a risk identification exercise periodically. Remember – identifying and capturing risks is not a one-off activity. You should aim to do it as early as possible as you design your project with your risk register growing and getting more detailed as the project develops and moves into delivery.

If you would like to learn more about Managing Project Risks and Issues we have a full-day training session taking place shortly on Wednesday 19th July 2017 at the Loftspace, Birmingham. This workshop is suitable for anyone who is managing a project in a charity, community group or voluntary organisation and is one of a series of workshops by PM3 – Project Management for the Third Sector, designed specifically for people managing projects in the Third Sector.

Nikki-Dee Haddleton is Director of PM3 – Project Management for the Third Sector. Incorporating feedback from Third Sector organisations and Project Management professionals they have designed a framework specifically for Project Managers in the Third Sector. PM3 – Project Management for the Third Sector delivers high quality, affordable Project Management consultancy and freelance services, training, support and more.